Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 DNS:QUERY:ISC-BIND-RPZ-DOS

Severity

 Major

Recommended

 Yes

Recommended Action

 Drop

Category

 DNS

Keywords

 ISC BIND RPZ Query Processing Denial of Service

Release Date

 2017/07/10

Update Number

 2952

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

DNS: ISC BIND RPZ Query Processing Denial of Service


A denial-of-service vulnerability has been reported in ISC BIND. Successful exploitation could lead to denial-of-service conditions.

Extended Description

If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.

Affected Products

  • Isc bind 9.10.5
  • Isc bind 9.11.0
  • Isc bind 9.11.1
  • Isc bind 9.9.10
  • Netapp data_ontap_edge -
  • Netapp element_software -
  • Netapp oncommand_balance -

References

  • CVE: CVE-2017-3140
  • URL: http://securitytracker.com/id?1038692
  • URL: https://kb.isc.org/article/aa-01495

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out